IBM App Connect Enterprise 安全漏洞

IBM App Connect Enterprise is an operating system developed by IBM Corporation. IBM App Connect Enterprise combines existing, industry-trusted IBM Integration Bus technology with IBM App Connect Professional and new cloud-native technologies, providing a platform that meets the comprehensive...

CVE-2026-31987

JWT Tokens used by tasks were exposed in logs. This could allow UI users to act as Dag Authors. Users are advised to upgrade to Airflow version that contains fix. Users are recommended to upgrade to version 3.2.0, which fixes this issue...

EUVD-2014-9507

Malware in sbrugna...

CVE-2025-10744

The File Manager, Code Editor, and Backup by Managefy plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view information like full paths and...

CVE-2025-10744 File Manager, Code editor, backup by Managefy <= 1.6.1 - Unauthenticated Information Exposure

The File Manager, Code Editor, and Backup by Managefy plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view information like full paths and...

CVE-2025-34183

Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains a vulnerability in its server-side logging mechanism that allows unauthenticated remote attackers to retrieve plaintext credentials from exposed .log files. This flaw enables full authentication bypass and system compromise through credential...

CVE-2025-34183 Ilevia EVE X1 Server 4.7.18.0.eden Credentials Leak Through Log Disclosure

Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains a vulnerability in its server-side logging mechanism that allows unauthenticated remote attackers to retrieve plaintext credentials from exposed .log files. This flaw enables full authentication bypass and system compromise through credential...

Information Disclosure

github.com/openbao/openbao is vulnerable to information disclosure. The vulnerability is due to improper handling of malformed data, which allows an attacker to potentially access sensitive information through exposed logs...

PT-2025-6969 · Gatesair · Gatesair Maxiva Vaxt

Name of the Vulnerable Software and Affected Versions: GatesAir Maxiva UAXT, VAXT transmitters affected versions not specified Description: A session hijacking issue exists in the web-based management interface, allowing unauthenticated attackers to access exposed log files at "/logs/debug/xteLog...

IBM: Exposed Logs and Bearer Tokens on Test Endpoint

Exposed Logs and Bearer Tokens on Test Endpoint were reported to IBM, analyzed, and have been remediated...

CVE-2023-34097 Database password exposed in logs in hoppscotch

hoppscotch is an open source API development ecosystem. In versions prior to 2023.4.5 the database password is exposed in the logs when showing the database connection string. Attackers with access to read system logs will be able to elevate privilege with full access to the database. Users are...

CVE-2022-26975

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing log files without authentication...

CVE-2022-22396

Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3 virgo log file in certain cases. Credentials could be the remote vSnap, offload targets, or VADP credentials depending on the operation performed. Credentials that are using API key or certificate are...

CVE-2016-8963

IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user...